Secure Login; what is the best method?

I need to include a 'member?s area' on a website with a secure login.
The membership changes from time to time with new members coming in and old
members leaving.
How can I restrict the use to current members only?

This forums login for example is of no use as anybody can join, although I
suppose Macromedia do know who we are.

I have a database on the site so that the public can 'find a member' and I
could add additional fields to that database.

My bank use a method by which they send you a pass number, when I log on I
have to use this number together with my d.o.b. and 3 random numbers from a 6
figure number of my initial choosing. This would appear to be very secure, but
is it going a bit over the top.

I do need to restrict access to non-members and ex-members. Any ideas?

Regards
Alan

Apply the built-in login behavior. Alter the login behavior (it will check for
a user record where the username and password match) by adding a third
condition, say AND Active=1 where "Active" is a field you've added to indicate
active members. 1=active member, 0=ex-member.

And don't forget to apply the restrict access behavior on all the pages you want to lock, else someone can just save the path and bypass the login once they get the URL.